Oops, sorry, I missed the clause where you said "or another wallet you own" and only saw the part that said "Sending your Monero to someone else..."
I will try to read more carefully next time
This is like saying a mixer is functionally no different than a coinjoin
When you rely on someone else to hold your money temporarily and then send it to you later, you might get robbed
Lightning fixes this
Please provide an example where chain analysts could not access the sending wallet
Here are two examples where they could access it and caught their target:
1. Finnish authorities trace monero from swap service to monero wallet to binance: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack
2. Chainalysis traced monero and caught a Columbian criminal who used it: https://cointelegraph.com/news/chainalysis-leak-monero-traceability
> you cant tell the real receiver of a monero tx *at all*
You can
That is how the Columbian guy in the attached video got caught
Chainalysis asked Morphtoken what address they sent the monero to and Morphtoken could give them a straight, honest answer -- because in monero you can just do that, you can log who received the money
In lightning, you can't, because (1) the pubkey in an invoice never even receives any money, it's only used for communication (2) it doesn't tell you what channel or htlc actually received the money (3) it might not even belong to the recipient thanks to trampoline routing
>90% of the time it's going to be the real destination
You don't know that
By default, surveillance has to deal with this heuristic: the sender doesn't know if the recipient's invoice uses a trampoline node or not. So he doesn't know if the pubkey in the invoice even belongs to the recipient.
In monero, the sender DOES know that information. The pubkey in a monero address always belongs to the recipient.
In monero, surveillance is possible by default
In lightning, it's not
Indeed, let's get our facts straight
In monero, the sender knows exactly where his money went, because he knows which "receiver" address is the real one and which is for change
In lightning, he doesn't know that, because (1) the pubkey in the invoice doesn't even receive any money, it's just for communication (2) it might not even belong to the recipient thanks to trampoline routing
By default, lightning privacy beats the pants off of monero
Eat your heart out, nostr:nprofile1qqs936kc97s4k4gqjnmltljgqns0uadh08d77t5mypg3anxkneks37gpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0ds5n22nz et. al.
LSPs can't tell if the pubkey in a bolt11 is the *real* destination or just another routing node
They *assume* it's usually the real destination but "YMMV" (i.e. they aren't sure)
Bolt11 has better privacy than a monero address
Source: https://x.com/PhoenixWallet/status/1916844583402590504
I issued a public challenge to Phoenix Wallet here: https://x.com/SuperTestnet/status/1916838692259299818
They claim they can trace bolt11 payments to their destination if the sender uses their software. Let's see them trace mine!
LSP Blinder is undetectable so who knows if it's already in use? No one! Since LSP Blinder ruins LSP heuristics and no one knows if it's in use, LSPs can't know if their heuristics work. They can't know who the sender or the recipient is.
well then give me a few days and I'll try to change the world
I'm right and I know how to prove it
Time to build LSP Blinder: a tool that lets you trick an LSP into thinking *one* wallet is the sender or recipient when the *real* sender or recipient was some other wallet -- potentially one the LSP doesn't even know exists
I figured out a way to let any lightning wallet route a payment even if it doesn't have code for routing. The technique has a few things in common with the concept of "wrapped invoices" except I figured out how to do it even if the wallet doesn't have code for creating them.
I also figured out how to use this technique to ruin the heuristics Acinq uses to determine the "origin" phoenix wallet and the "recipient" phoenix wallet. I know how to blind an LSP.
Wanna help me build it? I'm happy to discuss it with you in DMs!
I did not notice it, but now I've read it. I think they are wrong.
They claim that when paying a bolt11 invoice, Acinq "learns the amount and destination of BOLT 11 payments" because they are the ones who calculate the route. But I think they are overestimating what they learn -- bolt11 has built in privacy protections that I don't think they are considering, including these:
- a bolt11 does not tell you the recipient's ip address unless they are a routing node -- it just tells you a random pubkey that is only used for communication and never holds any money
- a bolt11 does not tell you what bitcoin address the money ends up in (i.e. the 2 of 2 channel whose state gets updated. It also doesn't tell you the address of the off-chain htlc that temporarily holds the money until the payment resolves)
- the pubkey listed in a bolt11 might not even belong to the "real" recipient -- invoice wrapping is a thing supported by several services now including voltage, lnproxy, and robosats, and Phoenix cannot know if an invoice is wrapped or not
- the pubkey listed in a bolt11 might simply belong to another routing node and Phoenix would have no clue -- they are just "assuming" the pubkey belongs to the recipient (and thus that they know the destination) but it might belong to a routing node and screw up their assumptions
- so Phoenix might *think* they learn info about the destination from a bolt11, but I don't think they really do
- and btw, that tells them nothing about the sender -- the person who *seems* like the sender might be a routing node too and Phoenix would have no idea
They also claim: "ACINQ doesn't know the origin node [when you receive a payment[. It knows the destination Phoenix node and the amount."
I think they are wrong again. They might *think* they know the destination because they assume they are forwarding it to you and it stops there. But *you* might be a routing node forwarding it to someone else and they would have no idea about this.
> In the case of Phoenix->Phoenix payments, ACINQ will always know the origin and destination node, and the amount, even with BOLT 12
I think they are wrong again. A phoenix->phoenix payment inherits the same uncertainties as every other payment: they don't know if the person who *seems* like the sender is the *real* sender or just another routing node; they don't know if the person who *seems* like the recipient is the *real* recipient or just another routing node; they *think* they learn all this info but I don't think they are considering the privacy protections built into bolt11 and as well as optionally available through invoice wrapping services (some of which are automatic)
Bolt11 is more private than you might realize! I certainly think it's more private than Phoenix realizes.
> Does it know that you only have private channels and you don’t route?
Suppose it only knows about private channels and cannot see any public channels belonging to you. How does that change anything? It still doesn't know if you're just another routing node: you can route through private channels, especially if you have a different node that *does* have public channels, and *that* node has a private channel with *this* node (i.e. with the only one the LSP knows about)
> Is the LSP calculating the route for you?
Suppose it is. How does that change anything? He doesn't know if you're the first hop (you might be a routing node) and he doesn't know if your recipient is the last hop (HE might be a routing node too)
Is the receiver also connected to the LSP?
Suppose he is. How does that change anything? The LSP still doesn't know if the recipient listed in the invoice is the *real* recipient or a routing node.
> ppl first get used to crypto [through stablecoins]
I don't understand this claim. Is it that paying with bitcoin scares people but paying with a stablecoin doesn't? If so, what makes it less scary? Is it that paying with a stablecoin is more familiar? If so, in what way? Isn't the experience identical?
I don't think you believe this, but this is the image that comes to mind when I hear people make this "bridge" claim:
Alice got some bitcoins. She has them in her wallet. She goes to a merchant that accepts bitcoin, and the merchant shows her a qr code to pay. She gets scared because this isn't like a debit card -- she doesn't know what to do!
Bob got some stablecoins. He has them in his wallet. He goes to
a merchant that accepts stablecoins, and the merchant shows him a qr code to pay. Bob is fine with this because stablecoins are easier than bitcoin.
I hope you can see why I think that's pretty ridiculous scenario. But if that isn't what you mean by the "getting used to it" stuff, then what DO you mean? I don't get it.